Vida Ahmadi Mehri, Dragos Ilie and Kurt Tutschku

IoT systems are increasingly composed out of flexible, programmable, virtualised, and arbitrarily chained IoT elements and services using portable code. Moreover, they might be sliced, i.e. allowing multiple logical IoT systems (network + application) to run on top of a shared physical network and compute infrastructure. However, implementing and designing particularly security mechanisms for such IoT systems is challenging since a) promising technologies are still maturing, and b) the relationships among the many requirements, technologies and components are difficult to model a-priori.

The aim of the paper is to define design cues for the security architecture and mechanisms of future, virtualised, arbitrarily chained, and eventually sliced IoT systems. Hereby, our focus is laid on the authorisation and authentication of user and host, as well as on code integrity in these virtualised systems. The design cues are derived from the design and implementation of a secure virtual environment for distributed and collaborative AI system engineering using so called AI pipelines. The pipelines apply chained virtual elements and services and facilitate the slicing of the system. The virtual environment is denoted for short as the virtual premise (VP). The use-case of the VP for AI design provides insight into the complex interactions in the architecture, leading us to believe that the VP concept can be generalised to the IoT systems mentioned above. In addition, the use-case permits to derive, implement, and test solutions. This paper describes the flexible architecture of the VP and the design and implementation of access and execution control in virtual and containerised environments.

View More Papers

Tattle Tale Security: An Intrusion Detection System for Medical...

Lanier Watkins, Shreya Aggarwal, Omotola Akeredolu, William H. Robinson and Aviel Rubin

Read More

Information Leaks in Sequential Federated Learning

Anastassiya Pustozerova and Rudolf Mayer (SBA Research, Austria)

Read More

OAuth 2.0 Authorization using Blockchain-based Tokens

Nikos Fotiou, Iakovos Pittaras, Vasilios A. Siris, Spyros Voulgaris and George C. Polyzos (Athens University of Economics and Business, Greece)

Read More

Security Analysis against Spoofing Attacks for Distributed UAVs

Kyo Hyun Kim (University of Illinois at Urbana-Champaign, USA); Siddhartha Nalluri (Duke University, USA); Ashish Kashinath (University of Illinois at...

Read More